apps/openssl.cnf: fix reference to insta.ca.crt

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20832)

diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index 7eaab9457a48d5c64332e3defc5ec0b20345e6f3..393789b424c2ebe7e95d6a5026a60fdcb9b9e4bc 100644 (file)
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -356,7 +356,7 @@ cmd = ir # default operation, can be overridden on cmd line with, e.g., kur
 # Certificate enrollment
 subject = "/CN=openssl-cmp-test"
 newkey = insta.priv.pem
-out_trusted = insta.ca.crt
+out_trusted = apps/insta.ca.crt # does not include keyUsage digitalSignature
 certout = insta.cert.pem
 
 [pbm] # Password-based protection for Insta CA
@@ -366,7 +366,7 @@ secret = $insta::secret # pass:insta
 
 [signature] # Signature-based protection for Insta CA
 # Server authentication
-trusted = insta.ca.crt # does not include keyUsage digitalSignature
+trusted = $insta::out_trusted # apps/insta.ca.crt
 
 # Client authentication
 secret = # disable PBM

diff --git a/apps/openssl.cnf b/apps/openssl.cnf
index ff45f9a5aa44f10b12726e05007f98e00cb5fb97..5597d89a03cb5b0ab19b41231d7076987b04dcdb 100644 (file)
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
@@ -356,7 +356,7 @@ cmd = ir # default operation, can be overridden on cmd line with, e.g., kur
 # Certificate enrollment
 subject = "/CN=openssl-cmp-test"
 newkey = insta.priv.pem
-out_trusted = insta.ca.crt
+out_trusted = apps/insta.ca.crt # does not include keyUsage digitalSignature
 certout = insta.cert.pem
 
 [pbm] # Password-based protection for Insta CA
@@ -366,7 +366,7 @@ secret = $insta::secret # pass:insta
 
 [signature] # Signature-based protection for Insta CA
 # Server authentication
-trusted = insta.ca.crt # does not include keyUsage digitalSignature
+trusted = $insta::out_trusted # apps/insta.ca.crt
 
 # Client authentication
 secret = # disable PBM